in

This Blog

Syndication

Tags

News

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Archives

AlertBoot Endpoint Security

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Medical ID Theft Stat: 5.8% Of Americans Affected

Mark Twain once noted, and I paraphrase, "there are lies, damned lies, and statistics."  There is also the observation that "to lie with statistics is easy.  To lie without them is easier."  What all this means is that when reporting a statistic, one also has to consider the information that makes up that stat.

Unfortunately, I only have a number, so I'm slightly loath to report this but here it goes....

According to the HIPAA Blog,

Roughly 5.8% of American adults have been victims of medical identity theft, with $20,160 being the average cost per victim.

The author of the blog picked up the figure at a lunch sponsored by Scott & Scott and Chartis.

Drawbacks to the Stat

The latest US population count lies somewhere around 307 million. 5.8% translates to 17.8 million people and a total cost of--wait for it--$359 billion dollars.

That's a mind-boggling amount of money.  As a reference point, Microsoft's combined revenues for 2005 to 2009, inclusive, is $254 billion.

Of course, for the medical ID theft, we have no reference point whatsoever: are the stats for last year?  Or perhaps a combined total for the last 10 years?  If so, what does 5.8% figure really mean?

I wish some kind of supporting data had also been provided...

Would Hard Disk Encryption Make a Dent on That Figure?

Medical facilities have to comply with HIPAA/HITECH, and the use of encryption software is, for the lack of a better word, actively encouraged.

I would assume that the use of encryption would curtail, or at least impact, the theft of medical information.  However, there is no way to know.  Consider all the ways that medical information can be stolen besides surreptitiously lifting laptops and external drives:

  • Internal attacks (less than ethical doctors, nurses, EMTs, etc)
  • Lost or stolen paper documents, folders, etc.
  • A server hacking incident

With the exception of the last one, where file encryption or database encryption could prevent access to sensitive data, there is no way for encryption to prevent theft.  Digital data encryption can't be used on paper documents, and how can encryption stand against someone who has the required passcodes for accessing encrypted data in the first place?

On the other hand, the rate of lost or stolen computers and external data devices (such as USB devices) is high enough that encryption can't be left on the backburner.


Related Articles and Sites:
http://hipaablog.blogspot.com/2010/07/interesting-stat-i-attended-lunch.html
http://financials.morningstar.com/income-statement/is.html?t=MSFT&culture=en-US

 
<Previous Next>

Data Encryption And The Cost Of Data Breaches: FTC Says Put Your Money Where Your Mouth Is?

Drive Encryption Software: Cooper University Hospital Loses Thumb Drive

Comments

No Comments

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing support of the AlertBoot disk encryption managed service. Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts University in Medford, Massachusetts, U.S.A.